0
0
Fork 1
mirror of https://mau.dev/maunium/synapse.git synced 2024-12-13 17:43:16 +01:00

Sanity-check room ids in event auth (#6530)

When we do an event auth operation, check that all of the events involved are
in the right room.
This commit is contained in:
Richard van der Hoff 2019-12-13 11:44:41 +00:00 committed by GitHub
parent 5cadbd9ebb
commit 971a0702b5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 14 additions and 0 deletions

2
changelog.d/6530.misc Normal file
View file

@ -0,0 +1,2 @@
Improve sanity-checking when receiving events over federation.

View file

@ -50,6 +50,18 @@ def check(room_version, event, auth_events, do_sig_check=True, do_size_check=Tru
if not hasattr(event, "room_id"):
raise AuthError(500, "Event has no room_id: %s" % event)
room_id = event.room_id
# I'm not really expecting to get auth events in the wrong room, but let's
# sanity-check it
for auth_event in auth_events.values():
if auth_event.room_id != room_id:
raise Exception(
"During auth for event %s in room %s, found event %s in the state "
"which is in room %s"
% (event.event_id, room_id, auth_event.event_id, auth_event.room_id)
)
if do_sig_check:
sender_domain = get_domain_from_id(event.sender)